Mercurial > dropbear
changeset 1376:9e9c8d37fd56 fuzz
limit input size
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Thu, 25 May 2017 22:21:23 +0800 |
| parents | d8215479a58a |
| children | d4cc85e6c569 |
| files | svr-authpubkey.c |
| diffstat | 1 files changed, 3 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/svr-authpubkey.c Thu May 25 22:20:10 2017 +0800 +++ b/svr-authpubkey.c Thu May 25 22:21:23 2017 +0800 @@ -195,9 +195,9 @@ unsigned int pos, len; int ret = DROPBEAR_FAILURE; - if (line->len < MIN_AUTHKEYS_LINE) { - TRACE(("checkpubkey: line too short")) - return DROPBEAR_FAILURE; /* line is too short for it to be a valid key */ + if (line->len < MIN_AUTHKEYS_LINE || line->len > MAX_AUTHKEYS_LINE) { + TRACE(("checkpubkey: bad line length %d", line->len)) + return DROPBEAR_FAILURE; } /* compare the algorithm. +3 so we have enough bytes to read a space and some base64 characters too. */